What is a Private IP Address?
When you send a letter from your house to a friend, you have to know the address to send it to so that the postman knows which street and which house to take it to. Computer networks such as the Internet are no different, except instead of sending your Web traffic to an address like 1145 Main Street, your computer's "location" (the destination for your emails and Google inquiries) is known by its IP (Internet protocol) address.
In theory, your individual computer has to have its own unique IP address so that it will only receive the information that is meant for you. You don't want your emails and the responses to your Google searches going anywhere else. (If you go to the WhatIsMyIPAddress.com home page, you can see your public IP address.)
However, there is a major exception to this: That would be those network computers that are linked to a router and share the same IP address. Included in that number are home/office networks. All routers have an IP address built in.
In this instance, the router—once it has established its Internet connection through an Internet Service Provider—sends data to each individual device on that network based on something called a Network Address Translator (NAT).
The organization that doles out IP addresses to the world reserves a range of IP addresses for private networks. Private networks can use IP addresses anywhere in the following ranges:
- 192.168.0.0 - 192.168.255.255 (65,536 IP addresses)
- 172.16.0.0 - 172.31.255.255 (1,048,576 IP addresses)
- 10.0.0.0 - 10.255.255.255 (16,777,216 IP addresses)
The assumption is that these private address ranges are not directly connected to the Internet, so the addresses don't have to be unique. In today's world, these private address ranges are often used for the protected network behind network translation devices.
Why is that? Because in a private network, the router connects to the Internet. From there, the router connects the other devices (usually desktops, laptops and tablets).
Because the private address ranges in a network don't have to be synchronized with the rest of the world, the complete address range is available from any network. A network administrator using these private addresses has more room for subnetting, and many more assignable addresses.
These blocks of addresses can be used by anyone, anywhere. Even if your neighbor is using the exact same addresses, it won't cause a problem. This is possible because these addresses are known as non-routable addresses. The network devices on the Internet are programmed to recognize these addresses. These devices (known as routers) will recognize that these are private addresses belonging to your network and will never forward your traffic onto the Internet.
You do need to obtain one real address from the general pool so that your home router can perform what is known as Network Address Translation (NAT). NAT is a process in which your router changes your private IP Address into a public one so that it can send your traffic over the Internet, keeping track of the changes in the process. When the information comes back to your router, it reverses the change—from a real IP address into a private one—and forwards the traffic back to your computer.
A typical home network router keeps two IP addresses: one for local devices to connect to across the local area network (LAN), and one for the external or wide area network (WAN) Internet connection.
The internal LAN-IP address is normally set to a default, private number. Linksys brand routers, for example, use 192.168.1.1 for their internal IP address. No matter the brand of router, its default internal IP address is listed in the manufacturer's documentation. Administrators have the option to change this IP address during router setup or at any time later. Unless someone manually changes it, however, this private LAN-IP address remains fixed.
The external WAN-IP address of the router is set when the router connects to the Internet service provider. This address can also be viewed on the router's administrative console. Alternatively, the WAN-IP address can be found by visiting a Web-based IP address lookup service—such as WhatIsMyIPAddress.com—from any computer on the home LAN.
I'm being attacked by one of these IP addresses!
If you are seeing unexplained Internet traffic to your computer from these numbers, it is important to remember the following things:
- The traffic does not come from IANA. As the authority for IP addresses, they do not use or operate them, and they are not the source of the traffic.
- As use of these numbers is untracked and unrestricted, we can not tell you who is using these numbers.
- It is perfectly normal to see traffic from these numbers if you have a small home or office network. By default, most routers and access points use these numbers to assign to your local computers. It is most likely these numbers represent computers on your own internal network.
- If you see these numbers in the headers of an unsolicited email, they usually indicate transit between servers within a corporate network or ISP. They are not useful in identifying the origin of an email. In such cases you can usually find the true origin by looking for the earliest "Received" mail header.